一.网络拓补图
- 本架构中使用keepalived进行nginx的双机热备,keepalived可以用来防止服务器的单点故障的发生,通过配合nginx可以实现web前端服务的高可用
- Nginx+keepalived高可用架构有两种模式
- 主备模式:使用一个VIP(虚拟IP)地址,前端使用2台机器,一台做主,一台做备,但同时只有一台机器工作,另外一台备份机器在主机器不出现故障的时候,永远处于浪费状态,对于服务器不多的网站,该方案不经济实惠
- 双主模式:使用两个VIP地址,前端使用2台机器,互为主备,同时又两台机器工作,当其中一台机器出现故障,两台机器的请求转移到一台机器负担,适合于当前的架构环境
- 本实验模拟主备模式
二.实验环境
| 类型 | IP地址 | 系统 | 软件包 |
| nginx(master) | 192.168.43.101/24 VIP:192.168.43.100/24 |
centos7 | nginx-1.12.2.tar.gz keepalived |
| nginx(backup) | 192.168.43.104/24 VIP:192.168.43.100/24 |
centos7 | nginx-1.12.2.tar.gz keepalived |
| tomcat1 | 192.168.43.102/24 |
centos7 | jdk-8u231-linux-x64.tar.gz apache-tomcat-8.5.50.tar.gz |
| tomcat2 | 192.168.43.103/24 |
centos7 | jdk-8u231-linux-x64.tar.gz apache-tomcat-8.5.50.tar.gz |
| 客户机 | 192.168.43.105/24 |
centos7 |
注:此实验的虚拟机都是在NAT模式下进行
三.具体实验操作步骤
- tomcat服务器的配置
一.第一台Tomcat服务器配置
1.解压jdk的压缩包
tar xzvf jdk-8u231-linux-x64.tar.gz -C /usr/local
2.配置JAVA环境变量
vim /etc/profile //追加到末尾
export JAVA_HOME=/usr/local/jdk1.8.0_231
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH
3.加载JAVA环境变量
source /etc/profile
4.解压tomcat软件包
tar xzvf apache-tomcat-8.5.50.tar.gz -C /usr/local
5.修改目录名,便于操作
cd /usr/local
mv apache-tomcat-8.5.50/ tomcat/
6.创建软链接,优化服务控制方式
ln -s /usr/local/tomcat/bin/startup.sh /usr/local/bin/
ln -s /usr/local/tomcat/bin/shutdown.sh /usr/local/bin/
7.创建web站点,编辑站点内容
mkdir -pv /web/webapp1
vim index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test1 page</title>
</head>
<body>
<% out.println("Welcome Tomcat 01");%>
</body>
</html>
~
8.修改Tomcat的server.xml文件,定义一个虚拟主机,并且将网站文件路径指向已经建立的/web/webapp1,在hos段增加context段
[root@localhost ~]# vim /usr/local/tomcat/conf/server.xml
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Context docBase="/web/webapp1" path="" reloadable="false">
</Context>
9.关闭安全性功能,开启服务
startup.sh
systemctl stop firewalld
setenforce 0
二.第二台Tomcat服务器配置
1.解压jdk的压缩包
tar xzvf jdk-8u231-linux-x64.tar.gz -C /usr/local
2.配置JAVA环境变量
vim /etc/profile //追加到末尾
export JAVA_HOME=/usr/local/jdk1.8.0_231
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH
3.加载JAVA环境变量
source /etc/profile
4.解压tomcat软件包
tar xzvf apache-tomcat-8.5.50.tar.gz -C /usr/local
5.修改目录名,便于操作
cd /usr/local
mv apache-tomcat-8.5.50/ tomcat/
6.创建软链接,优化服务控制方式
ln -s /usr/local/tomcat/bin/startup.sh /usr/local/bin/
ln -s /usr/local/tomcat/bin/shutdown.sh /usr/local/bin/
7.创建web站点,编辑站点内容
mkdir -pv /web/webapp1
vim index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test1 page</title>
</head>
<body>
<% out.println("Welcome Tomcat 02");%>
</body>
</html>
~
8.修改Tomcat的server.xml文件,定义一个虚拟主机,并且将网站文件路径指向已经建立的/web/webapp1,在hos段增加context段
[root@localhost ~]# vim /usr/local/tomcat/conf/server.xml
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Context docBase="/web/webapp1" path="" reloadable="false">
</Context>
9.关闭安全性功能,开启服务
startup.sh
systemctl stop firewalld
setenforce 0- 主Nginx服务器的配置
1.解压软件包
tar xzvf nginx-1.12.2.tar.gz -C /opt
2.下载相关软件包
yum install pcre-devel zlib-devel gcc gcc-c++ make -y
3.创建nginx的用户
useradd -M -s /sbin/nologin nginx
4.编译安装nginx
cd /opt/nginx-1.12.2/
./configure \
--prefix=/usr/local/nginx \
--user=nginx --group=nginx \
--with-http_stub_status_module \ //启用状态统计
--with-http_gzip_static_module \ //启用gzip静态压缩
--with-http_flv_module //启用flv模块,提供寻求内存使用基于时间的偏移量文件
make && make install
4.编辑nginx的主配置文件
vim /usr/local/nginx/conf/nginx.conf
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream tomcatserver { //upstream函数,配置tomcat服务器池
server 192.168.43.102:8080 weight=1; //weight代表权重
server 192.168.43.103:8080 weight=1;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
proxy_pass http://tomcatserver; //反向代理到设置的tomcat服务器池
}
5.优化服务控制方式
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin
6.检查语法,是否配置正确
[root@localhost ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]#
7.下载keepalived软件包
yum install keepalived -y
8.配置虚拟网卡
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp -p ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0
DEVICE=ens33:0
IPADDR=192.168.100.100
NETMASK=255.255.255.0
ONBOOT=yes
9.配置keepalived文件
[root@localhost init.d]# cd /etc/keepalived/
[root@localhost keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Nginx01
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.43.100
}
}
virtual_server 192.168.43.100 8080 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.43.102 8080 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.43.103 8080 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
##其他的参数删除
10.关闭安全性功能,开启nginx服务、keepalived服务
systemctl stop firewalld
setenforce 0
ifup ens33:0
systemctl start keepalived
nginx
- 从Nginx服务器的配置
1.解压软件包
tar xzvf nginx-1.12.2.tar.gz -C /opt
2.下载相关软件包
yum install pcre-devel zlib-devel gcc gcc-c++ make -y
3.创建nginx的用户
useradd -M -s /sbin/nologin nginx
4.编译安装nginx
cd /opt/nginx-1.12.2/
./configure \
--prefix=/usr/local/nginx \
--user=nginx --group=nginx \
--with-http_stub_status_module \ //启用状态统计
--with-http_gzip_static_module \ //启用gzip静态压缩
--with-http_flv_module //启用flv模块,提供寻求内存使用基于时间的偏移量文件
make && make install
4.编辑nginx的主配置文件
vim /usr/local/nginx/conf/nginx.conf
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream tomcatserver { //upstream函数,配置tomcat服务器池
server 192.168.43.102:8080 weight=1; //weight代表权重
server 192.168.43.103:8080 weight=1;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
proxy_pass http://tomcatserver; //反向代理到设置的tomcat服务器池
}
5.优化服务控制方式
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin
6.检查语法,是否配置正确
[root@localhost ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]#
7.下载keepalived软件包
yum install keepalived -y
8.配置虚拟网卡
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp -p ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0
DEVICE=ens33:0
IPADDR=192.168.100.100
NETMASK=255.255.255.0
ONBOOT=yes
9.配置keepalived文件
[root@localhost init.d]# cd /etc/keepalived/
[root@localhost keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Nginx02
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.43.100
}
}
virtual_server 192.168.43.100 8080 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.43.102 8080 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.43.103 8080 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
##其他的参数删除
10.关闭安全性功能,开启nginx服务、keepalived服务
systemctl stop firewalld
setenforce 0
ifup ens33:0
systemctl start keepalived
nginx
- 在客户机上查看服务
- 模拟故障,关闭master nginx的服务,在客户机上访问VIP
